Add rar container

This puts rar in a rootless container with no access to the network of the host.
2024-11-14 12:23:58 +01:00 · 2023-05-31 13:50:11 -04:00 · 2023-05-31 13:50:11 -04:00 · c9bcd57404
commit c9bcd57404
parent f073819dc8
2 changed files with 56 additions and 0 deletions
--- a/containers/rar.nix
+++ b/containers/rar.nix
@ -0,0 +1,55 @@
+{
+  containers.rar = {
+    autoStart = true;
+    privateNetwork = true;
+
+    bindMounts = {
+      "/home/user" = {
+        hostPath = "/home/user/containers/rar";
+        isReadOnly = false;
+      };
+    };
+
+    config = { pkgs, lib, ... }: {
+      programs = {
+        fish.enable = true;
+        neovim.enable = true;
+        starship.enable = true;
+      };
+
+      users = {
+        defaultUserShell = pkgs.fish;
+        mutableUsers = false;
+        allowNoPasswordLogin = true;
+
+        users.user = {
+          isNormalUser = true;
+          home = "/home/user";
+        };
+      };
+
+      environment = {
+        shells = with pkgs; [ fish ];
+
+        variables = {
+          TERM = "xterm-kitty";
+        };
+
+        defaultPackages = [ ];
+      };
+
+      environment.systemPackages = with pkgs; [
+        kitty
+        rar
+        unrar
+      ];
+
+      nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
+        "rar"
+        "unrar"
+      ];
+
+      system.stateVersion = "22.11";
+    };
+  };
+}
--- a/flake.nix
+++ b/flake.nix
@ -48,6 +48,7 @@
        ./games
        ./host
        ./terminal
+        ./containers/rar.nix
        {
          hardware.opengl.driSupport32Bit = true;